Linux Distros Unpatched Vulnerability : CVE-2025-37885

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: x86: Reset IRTE to host control if new route isn't postable Restore an IRTE back to host control remapped or posted MSI mode if the new GSI route prevents...

Activate Me!: Designing Efficient Activation Functions for Privacy-Preserving Machine Learning with Fully Homomorphic Encryption

The growing adoption of machine learning in sensitive areas such as healthcare and defense introduces significant privacy and security challenges. These domains demand robust data protection, as models depend on large volumes of sensitive information for both training and inference. Fully...

Linux Distros Unpatched Vulnerability : CVE-2021-3656

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided...

Machine Learning-Based AES Key Recovery Via Side-Channel Analysis on the ASCAD Dataset

Cryptographic algorithms like AES and RSA are widely used and they are mathematically robust and almost unbreakable but its implementation on physical devices often leak information through side channels, such as electromagnetic EM emissions, potentially compromising said theoretically secure...

Linux Distros Unpatched Vulnerability : CVE-2025-37957

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception Previously, commit ed129ec9057f KVM: x86: forcibly leave nested mode on vCPU reset addressed an issue...

Malicious code in 16bit-js-vm-model (npm)

The package 16bit-js-vm-model was found to contain malicious code...

platzi-virtual-machine (=1.0.0) potentially affected by unknown CVE via pvm (=0.0.1-security)

pvm NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on pvm and may be impacted: - platzi-virtual-machine =1.0.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-30899...

Malicious code in loclys-leaflet-routing-machine (npm)

The package loclys-leaflet-routing-machine was found to contain malicious code...

Malicious code in @lbnqduy/musical-computing-machine (npm)

The package @lbnqduy/musical-computing-machine was found to contain malicious code...

MAL-2025-8335 Malicious code in @lbnqduy/musical-computing-machine (npm)

The package @lbnqduy/musical-computing-machine was found to contain malicious code...

MAL-2025-25498 Malicious code in loclys-leaflet-routing-machine (npm)

The package loclys-leaflet-routing-machine was found to contain malicious code...

MAL-2025-6984 Malicious code in 16bit-js-vm-model (npm)

The package 16bit-js-vm-model was found to contain malicious code...

Enhancing GraphQL Security by Detecting Malicious Queries Using Large Language Models, Sentence Transformers, and Convolutional Neural Networks

GraphQL's flexibility, while beneficial for efficient data fetching, introduces unique security vulnerabilities that traditional API security mechanisms often fail to address. Malicious GraphQL queries can exploit the language's dynamic nature, leading to denial-of-service attacks, data...

PT-2025-37194

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description VMScape is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. The vulnerability allows a malicious virtual machin...

CVE-2025-2184

A credential management flaw in Palo Alto Networks Cortex XDR® Broker VM causes different Broker VM images to share identical default credentials for internal services. Users knowing these default credentials could access internal services on other Broker VM installations. The attacker must have...

CVE-2025-2184

Summary: CVE-2025-2184 describes a credential management flaw in Palo Alto Networks Cortex XDR® Broker VM. Different Broker VM images reportedly share identical default credentials for internal services, enabling an attacker with network access to access internal services on other Broker VM insta...

CVE-2025-2184 Cortex XDR Broker VM: Secrets Shared Across Multiple Broker VM Images

A credential management flaw in Palo Alto Networks Cortex XDR® Broker VM causes different Broker VM images to share identical default credentials for internal services. Users knowing these default credentials could access internal services on other Broker VM installations. The attacker must have...

Demystifying the Role of Rule-Based Detection in AI Systems for Windows Malware Detection

Malware detection increasingly relies on AI systems that integrate signature-based detection with machine learning. However, these components are typically developed and combined in isolation, missing opportunities to reduce data complexity and strengthen defenses against adversarial EXEmples,...

Linux Distros Unpatched Vulnerability : CVE-2022-48949

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - igb: Initialize mailbox message for VF reset When a MAC address is not assigned to the VF, that portion of the message sent to the VF is not set. The memory,...

Enhance the Machine Learning Algorithm Performance in Phishing Detection with Keyword Features

Recently, we can observe a significant increase of the phishing attacks in the Internet. In a typical phishing attack, the attacker sets up a malicious website that looks similar to the legitimate website in order to obtain the end-users' information. This may cause the leakage of the sensitive...